diff --git a/.github/README.md b/.github/README.md index 5ac5a25..3af8c3a 100644 --- a/.github/README.md +++ b/.github/README.md @@ -1,12 +1,11 @@ -# go-test-sarif and go-test-sarif-action +# go-test-sarif -`go-test-sarif` is a CLI tool and GitHub Action for converting `go test -json` output into SARIF format, +`go-test-sarif` is a CLI tool for converting `go test -json` output into SARIF format, making it compatible with GitHub Security Tab and other SARIF consumers. ## 🚀 Features - Converts `go test -json` output to **SARIF format**. -- **GitHub Action integration** for CI/CD pipelines. - Generates structured test failure reports for **security and compliance tools**. - Works as a **standalone CLI tool**. @@ -18,12 +17,6 @@ making it compatible with GitHub Security Tab and other SARIF consumers. go install github.com/ivuorinen/go-test-sarif-action@latest ``` -### Using Docker - -```sh -docker pull ghcr.io/ivuorinen/go-test-sarif-action:latest -``` - ## 🛠️ Usage ### CLI Usage @@ -33,35 +26,10 @@ go test -json ./... > go-test-results.json go-test-sarif go-test-results.json go-test-results.sarif ``` -### Docker Usage - -```sh -docker run --rm -v $(pwd):/workspace ghcr.io/ivuorinen/go-test-sarif-action go-test-results.json go-test-results.sarif -``` - -### GitHub Action Usage - -Add the following step to your GitHub Actions workflow: - -```yaml -- name: Convert JSON to SARIF - uses: ivuorinen/go-test-sarif-action@v1 - with: - test_results: go-test-results.json -``` - -To upload the SARIF file to GitHub Security Tab, add: - -```yaml -- name: Upload SARIF report - uses: github/codeql-action/upload-sarif@v2 - with: - sarif_file: go-test-results.sarif -``` - ## 📜 Output Example SARIF report example: + ```json { "version": "2.1.0", @@ -100,9 +68,10 @@ SARIF report example: ## 🏗 Development Clone the repository and build the project: + ```sh git clone https://github.com/ivuorinen/go-test-sarif-action.git -cd go-test-sarif +cd go-test-sarif-action go build -o go-test-sarif ./cmd/main.go ``` @@ -118,4 +87,4 @@ This project is licensed under the **MIT License**. ## 🤝 Contributing -Pull requests are welcome! For major changes, please open an issue first to discuss the changes. +Pull requests are welcome! For major changes, open an issue to discuss them. diff --git a/.github/workflows/publish-immutable-actions.yml b/.github/workflows/publish-immutable-actions.yml deleted file mode 100644 index feaa083..0000000 --- a/.github/workflows/publish-immutable-actions.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json -name: 'Publish Immutable Action Version' - -on: - release: - types: [published] - -permissions: read-all - -jobs: - publish: - runs-on: ubuntu-latest - permissions: - contents: read - id-token: write - packages: write - - steps: - - name: Checking out - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - name: Publish - id: publish - uses: actions/publish-immutable-action@4bc8754ffc40f27910afb20287dbbbb675a4e978 # v0.0.4 diff --git a/.github/workflows/release-new-action-version.yml b/.github/workflows/release-new-action-version.yml deleted file mode 100644 index 1e0c119..0000000 --- a/.github/workflows/release-new-action-version.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- -# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json -name: Release new action version - -on: - release: - types: [released] - -env: - TAG_NAME: ${{ github.event.release.tag_name }} - -permissions: read-all - -jobs: - update_tag: - name: Update the major tag to include the ${{ env.TAG_NAME }} changes - environment: - name: releaseNewActionVersion - runs-on: ubuntu-latest - permissions: - contents: write - steps: - - name: Update the ${{ env.TAG_NAME }} tag - uses: actions/publish-action@f784495ce78a41bac4ed7e34a73f0034015764bb # v0.3.0 - with: - source-tag: ${{ env.TAG_NAME }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index ef38fd9..a2872db 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -28,10 +28,7 @@ jobs: run: go test -json ./... > go-test-results.json - name: Convert JSON to SARIF - uses: ivuorinen/go-test-sarif-action@58ffaaacdb178a5d053f8e8c2693966422a3ecda # v1 - with: - input_file: go-test-results.json - output_file: go-test-results.sarif + run: go run ./cmd/main.go go-test-results.json go-test-results.sarif - name: Upload SARIF to GitHub Security Tab uses: github/codeql-action/upload-sarif@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2 diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 30c9bb0..0000000 --- a/Dockerfile +++ /dev/null @@ -1,10 +0,0 @@ -FROM golang:1.24-alpine AS build -WORKDIR /app -COPY . . -RUN go build -o /go-test-sarif ./cmd/main.go - -FROM alpine:3.22.0 -COPY --from=build /go-test-sarif /go-test-sarif -COPY action/entrypoint.sh /entrypoint.sh -RUN chmod +x /entrypoint.sh -ENTRYPOINT ["/entrypoint.sh"] diff --git a/action.yml b/action.yml deleted file mode 100644 index 792d87c..0000000 --- a/action.yml +++ /dev/null @@ -1,22 +0,0 @@ -name: 'Go Test to SARIF Converter' -description: 'Converts Go test JSON output to SARIF format.' - -author: 'Ismo Vuorinen' -branding: - icon: "check" - color: "green" - -inputs: - input_file: - description: 'Path to the Go test JSON results file.' - required: true - output_file: - description: 'Path where the SARIF output should be saved.' - required: true - -runs: - using: "docker" - image: "docker://ivuorinen/go-test-sarif-action:v1" - with: - input_file: ${{ inputs.input_file }} - output_file: ${{ inputs.output_file }} diff --git a/action/entrypoint.sh b/action/entrypoint.sh deleted file mode 100755 index d5fbbbc..0000000 --- a/action/entrypoint.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/sh -set -e - -if [ -z "$INPUT_TEST_RESULTS" ]; then - echo "Missing test results input file" - exit 1 -fi - -OUTPUT_FILE="go-test-results.sarif" - -/go-test-sarif "$INPUT_TEST_RESULTS" "$OUTPUT_FILE" - -echo "Generated SARIF report: $OUTPUT_FILE"